It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Troubles to make SSO work

Hi!

I can not make SSO with crowd working. I have set up SSO, as desribed in the articles for Jira and Confluence, but can not make it work.

If I log in to Jira with a Crowd User and then change to Confluence I have to log in again.
I have checked the cookies. The Crowd Cookie seems to be there, like you can see here:

Cookie.png

This cookie somehow seems to be ignored on my Jira, Confluence and crowd.

The urls I have set up for Jira, Confluence and Crowd are:
https://jira.braunstein-web.com/
https://confluence.braunstein-web.com/
https://crowd.braunstein-web.com:8096/crowd/

So they all are sharing the braunstein-web.com domain.

The crowd directory for Jira and Confluence is set up correctly with the above url and is working. Just Single Sign On does not work.

The username I use is "armin". This user is inside the groups "jira-administrators", "jira-users", "confluence-administrators", "confluence-users", "crowd-administrators".

On Jira I am using the SSOSeraphAuthenticator, on Confluence the ConfluenceCrowdSSOAuthenticator.

I also tried to switch off the "Require consistent client IP address", but also did not help.

Please find the debugging log of crowd here:

http://greentacarcuna.com/files/atlassian-crowd.log

4 answers

Is there really no possible solution for this?

If that is how Atlassian is caring about issues of customers, then I maybe better should not use Jira if my company grows bigger..

I bought crowd actually only for having SSO, and now I can not use it, even, at least it seems, the configuration is done correctly.

I know it's only the "community support", but in the community support description it's written, that, if no answer comes from the community, Atlassian members will care about. But so far no reaction from Atlassian. The bigger licenses would really cost not so less money, that makes a bit worry if it will be also like that, if I need a higher license..

0 votes

@Armin Cheng I am sorry for my late reply but we must have missed your post earlier. Is this problem still occurring?

Hi Marek! Yes, I still was not able to solve the problem. 

Ok thanks @Armin Cheng for your quick answer. I wanted also to thank you for buying Crowd and let you know that we are working on improvements of SSO. The current functionality of course should work for you properly so we will look into that and let you know. 

@Marcin Kempa can you please advice something here?

0 votes
Marcin Kempa Atlassian Team Dec 08, 2018

Hi @Armin Braunstein,

 

Please accept our apologies for not reacting earlier on your request.

As I understand you problem is that you have:

  • Jira
  • Confluence
  • Crowd

set in the same domain.

All of them have the same user directories configured in Crowd (so Jira and Confluence have same ldap or internal directories in the same order configured inside Crowd application).

You have configured seraph.xml files in both Jira and Confluence to use SSO authentication with Crowd (also the crowd.properties files in those applications properly points to Crowd).

When you log in to Jira and then navigate to Confluence you need to login again as the session is not automatically authenticated.

The crowd.token_key cookie is properly set on that domain.

Is that a fair summary of your issue?

 

I had a look at your log file, and it looks like there are errors indicating that password did not match. Would it be possible that the directories are not configured in different order for those applications?

In order to investigate this issue further please provide har file of you trying to login to those applications and support zips of all applications in your setup (those will include log files)

If possible I would suggest opening a support case, so that we could exchange files easily not exposing any sensitive data if that is not possible due to licensing restrictions please send us those files at mkempa@atlassian.com and we will try to help you with that.

Best Regards,

Marcin Kempa

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira

We want to hear from you! How do you use Slack and Atlassian together?

Hi Everyone! My name is Mina and I am on Atlassian’s Ecosystems Marketing team. Our team is focused on our technology partnerships and marketplace apps. One of Atlassian’s partners is Slack, who ...

24 views 0 2
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you